From 53aa4ef1fc4036240aff7a26d9a036fb305bdede Mon Sep 17 00:00:00 2001
From: user <user@rpios.local>
Date: Sun, 22 Feb 2026 07:37:19 +0100
Subject: [PATCH] fix: use container: directive instead of podman run on host
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Match s5p CI pattern — run jobs inside containers managed by the
runner rather than invoking podman directly on the host. Avoids
rootless namespace permission issues.
---
 .gitea/workflows/ci.yml | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml
index e5a69d6..c9f7500 100644
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -1,4 +1,4 @@
-name: CI
+name: ci
 
 on:
   push:
@@ -9,18 +9,22 @@ on:
 jobs:
   lint:
     runs-on: linux
+    container: docker.io/davidanson/markdownlint-cli2:v0.17.2
     steps:
-      - name: Checkout
-        run: podman run --rm -v "$PWD:/out:Z" docker.io/library/alpine:3 sh -c "wget -qO- '${{ github.server_url }}/${{ github.repository }}/archive/${{ github.ref_name }}.tar.gz' | tar xz -C /out --strip-components=1"
-
-      - name: Markdown lint
-        run: podman run --rm -v "$PWD:/work:Z" docker.io/davidanson/markdownlint-cli2:v0.17.2 "**/*.md"
+      - run: apk add --no-cache git
+      - run: |
+          git clone --depth 1 \
+            -c "http.extraHeader=Authorization: token ${{ github.token }}" \
+            "${{ github.server_url }}/${{ github.repository }}.git" .
+      - run: markdownlint-cli2 "**/*.md"
 
   link-check:
     runs-on: linux
+    container: python:3.12-slim
     steps:
-      - name: Checkout
-        run: podman run --rm -v "$PWD:/out:Z" docker.io/library/alpine:3 sh -c "wget -qO- '${{ github.server_url }}/${{ github.repository }}/archive/${{ github.ref_name }}.tar.gz' | tar xz -C /out --strip-components=1"
-
-      - name: Check internal links
-        run: podman run --rm -v "$PWD:/work:Z" -w /work docker.io/library/python:3.12-slim python3 scripts/check-links.py
+      - run: apt-get update -qq && apt-get install -y -qq git > /dev/null
+      - run: |
+          git clone --depth 1 \
+            -c "http.extraHeader=Authorization: token ${{ github.token }}" \
+            "${{ github.server_url }}/${{ github.repository }}.git" .
+      - run: python3 scripts/check-links.py